Marcel Lehel Lazar, 46, is a former taxi driver who has admitted to perpetrating a string of email and social media account takeovers, using the hacker handle Guccifer - a portmanteau of Gucci and Lucifer.

In September, the Alba Iulia Court of Appeal in Romania ruled that after Lazar finished serving a seven-year sentence in the Romanian city of Deva for those crimes, he would be sent to the United States to serve a 52-month sentence (see: Romanian Hacker 'Guccifer' to Be Extradited to US).

Lazar appealed that decision, but it was dismissed by Romania's high court on Oct. 5, and on Oct. 23, a court in the city of Hunedoara ruled that he should be conditionally released from his seven-year sentence to begin doing time in the U.S., Romanian media outlet Digi 24 reported.

On Monday, Digi 24 reported that in the prior few days, Lazar had already been handed over to U.S. authorities.

The U.S. Department of Justice has confirmed to Information Security Media Group that Lazar is now in the U.S. and has begun serving his sentence.

"On Sept. 1, 2016, Marcel Lehel Lazar, aka 'Guccifer,' was sentenced by U.S. District Court Judge James C. Cacheris to serve 52 months in prison, to be followed by three years of supervised release, following his May 25, 2016, guilty plea in the Eastern District of Virginia to unauthorized access to a protected computer and aggravated identity theft," a U.S. Department of Justice spokeswoman tells ISMG.

"Pursuant to the agreement with Romanian authorities, Lazar returned to Romania to finish his Romanian sentence and was returned last week to the United States to serve his U.S. sentence," she said.

Email and Social Media Hacking Spree

From 2012 to 2014, Lazar allegedly gained access to Gmail, Facebook, AOL and other accounts by brute-force guessing their weak passwords. His victims included numerous Romanian celebrities and officials, including lawmakers and members of the state security services.

His list of U.S. victims included former Secretary of State Colin Powell and President George W. Bush, from whom Lazar stole and released a painted self-portrait of Bush in the bathtub.

Lazar also revealed that Hillary Clinton had used a private email address while serving as the U.S. secretary of state. After coming to light in the spring of 2016, the resulting scandal dogged her 2016 U.S. presidential election campaign.

The FBI, meanwhile, launched an investigation into Clinton's email server, ultimately concluding that there was no evidence of wrongdoing or signs that anyone had hacked the email server.

Indicted by US in 2014

Since early 2016, Lazar has been splitting his time between U.S. and Romanian courtrooms and prison cells.

U.S. prosecutors first indicted Lazar in June 2014 for computer crime offenses, just after he was sentenced to serve a prison sentence in Romania for similar crimes.

In March 2016, Romania released Lazar - early - and sent him to appear before the U.S. District Court for the Eastern District of Virginia, where he pleaded guilty to aggravated identity theft and unauthorized access to a computer. As noted, Judge Cacheris sentenced him to serve 52 months in federal prison.

Following Lazar's sentencing, the Justice Department said: "From at least October 2012 to January 2014, Lazar intentionally gained unauthorized access to personal email and social media accounts belonging to approximately 100 Americans, and he did so to unlawfully obtain his victims' personal information and email correspondence."

Guccifer 2.0? No Relation

Guccifer shouldn't be confused with "Guccifer 2.0," a hacker who claimed to be Romanian.

Guccifer 2.0 took credit for breaching the Democratic National Committee and dumping stolen data, including thousands of emails stolen from the personal email account of John Podesta, Clinton's 2016 presidential campaign chairman.

But cracks in the Guccifer 2.0 persona appeared early, especially since the hacker didn't appear to be able to speak Romanian.

Earlier this year, a report said investigators had found that Guccifer 2.0, whose IP address had always been masked by a VPN, had failed to activate the VPN on at least one occasion, revealing an IP address that traced back to the headquarters of Russia's GRU military intelligence agency in Moscow (see: Report: Guccifer 2.0 Unmasked at Last).

In July, the Justice Department charged 12 members of the GRU with hacking into computers - and for some, with trying to hack a state election board and election software firms - as part of a disinformation campaign designed to influence the 2016 U.S. elections (see: 10 Takeaways: Russian Election Interference Indictment).

"These GRU officers, in their official capacities, engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee and the presidential campaign of Hillary Clinton, and released that information on the internet under the names 'DCLeaks' and 'Guccifer 2.0' and through another entity," the Justice Department said.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.